CVE-2023-46454 · Vexday

CVE-2023-46454

EPSS 23.5%

In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cyberaz0r.info/2023/11/glinet-multiple-vulnerabilities/